-
Notifications
You must be signed in to change notification settings - Fork 0
138 lines (127 loc) · 5.16 KB
/
build-images.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: build-images
on:
push:
branches:
- "production"
- "main"
- "dev"
# Trigger without any parameters a proactive rebuild
workflow_dispatch: {}
workflow_call:
jobs:
container:
runs-on: ubuntu-latest
# https://docs.github.com/en/actions/reference/authentication-in-a-workflow
permissions:
id-token: write
packages: write
contents: read
timeout-minutes: 60
strategy:
matrix:
include:
- IMAGE_NAME: "gcr.io/op-batcher"
DOCKERFILE: "./op-batcher/Dockerfile"
CONTEXT: "./"
- IMAGE_NAME: "gcr.io/op-node-devnet"
DOCKERFILE: "./op-node/Dockerfile.devnet"
CONTEXT: "./"
- IMAGE_NAME: "gcr.io/op-node"
DOCKERFILE: "./op-node/Dockerfile"
CONTEXT: "./"
- IMAGE_NAME: "gcr.io/op-proposer"
DOCKERFILE: "./op-proposer/Dockerfile"
CONTEXT: "./"
- IMAGE_NAME: "gcr.io/op-exporter"
DOCKERFILE: "./op-exporter/Dockerfile"
CONTEXT: "./"
- IMAGE_NAME: "gcr.io/optimisml1"
DOCKERFILE: "./ops-bedrock/Dockerfile.l1"
CONTEXT: "./ops-bedrock"
- IMAGE_NAME: "gcr.io/optimisml2"
DOCKERFILE: "./ops-bedrock/Dockerfile.l2"
CONTEXT: "./ops-bedrock"
- IMAGE_NAME: "gcr.io/op-fault-detector"
DOCKERFILE: "./packages/fault-detector/Dockerfile"
CONTEXT: "./packages/fault-detector"
- IMAGE_NAME: "gcr.io/op-withdrawal-monitor"
DOCKERFILE: "./packages/chain-mon/Dockerfile"
CONTEXT: "./packages/chain-mon"
steps:
- name: Checkout repository
id: checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Install Docker BuildX
uses: docker/setup-buildx-action@v2
id: buildx
with:
install: true
- name: set-env
if: ${{ github.ref == 'refs/heads/production' }}
run: |
echo "REGISTRY=us-docker.pkg.dev/optimum-sound-359720" >> $GITHUB_ENV
- name: set-env
if: ${{ github.ref == 'refs/heads/main' }}
run: |
echo "REGISTRY=us-docker.pkg.dev/exfac-staging" >> $GITHUB_ENV
- name: set-env
if: ${{ github.ref == 'refs/heads/dev' }}
run: |
echo "REGISTRY=us-docker.pkg.dev/exfac-dev" >> $GITHUB_ENV
- id: 'auth'
name: 'Authenticate to Google Cloud'
uses: 'google-github-actions/auth@v0'
with:
credentials_json: ${{ github.ref == 'refs/heads/production' && secrets.DEPLOYER_SERVICE_ACCOUNT_KEY || github.ref == 'refs/heads/main' && secrets.STAGING_DEPLOYER_SERVICE_ACCOUNT_KEY || github.ref == 'refs/heads/dev' && secrets.DEV_DEPLOYER_SERVICE_ACCOUNT_KEY }}
- name: Authenticate docker
run: |
gcloud auth configure-docker --quiet us-docker.pkg.dev
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.REGISTRY }}/${{ matrix.IMAGE_NAME }}
- name: SemVer
id: semver
uses: paulhatch/semantic-version@v5.0.2
with:
tag_prefix: "v"
major_pattern: "(MAJOR)"
minor_pattern: "(MINOR)"
bump_each_commit: true
# If the job is triggered via workflow dispatch and on a master branch, tag branch and latest
# Otherwise, just tag as the branch name
- name: Finalize Docker Metadata
id: docker_tagging
run: |
echo "manual trigger from master/main branch, assigning latest tag"
echo "::set-output name=docker_tags::${{ env.REGISTRY }}/${{ matrix.IMAGE_NAME }}:${GITHUB_REF##*/},${{ env.REGISTRY }}/${{ matrix.IMAGE_NAME }}:latest,${{ env.REGISTRY }}/${{ matrix.IMAGE_NAME }}:${{ steps.semver.outputs.version_tag }}"
# Log docker metadata to explicitly know what is being pushed
- name: Inspect Docker Metadata
run: |
echo "TAGS -> ${{ steps.docker_tagging.outputs.docker_tags }}"
echo "LABELS -> ${{ steps.meta.outputs.labels }}"
# Build and push Docker image
# https://github.com/docker/build-push-action
# https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md
- name: Build and push Docker image
uses: docker/build-push-action@v3.1.1
with:
context: ${{ matrix.CONTEXT }}
push: true
file: ${{ matrix.DOCKERFILE }}
platforms: linux/amd64,linux/arm64
tags: ${{ steps.docker_tagging.outputs.docker_tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
BUILDTIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}